Allow Restore option for Resellers

Zaf shared this idea 3 years ago
Needs Feedback

Currently there is no way to allow resellers to restore their own domain backups, except by allowing them ALL privileges.

If resellers could manage their own backup restorations, it would ease the botheration of Root Admin

Best Answer
photo

There is a very explicit reason why this feature is not in the product. Allowing non-root users to restore accounts is a significant security concern.

The current restoration system expects and anticipates that only the root user will request a restore, meaning that it trusts the information within the backup to be what the root user wants to restore. If this were extended to resellers, then a reseller would be able to restore an account with any custom features they wanted (unlimited bandwidth, unlimited disk space, etc)

It is the current design and expectation that only the root user restore accounts and that they've verified the account is of acceptable limits/configuration post-restore.

In essence, this feature request is presently not realistic without also redesigning the entire restore system from the ground up. Even then, significant research would still need to be conducted on whether or not this would still be realistic from a security standpoint. There would be many configuration portions of the restore process that you could not and simply would not want to entrust a non-root user to be able to set upon restore for security reasons.

Comments (6)

photo
1

There is a very explicit reason why this feature is not in the product. Allowing non-root users to restore accounts is a significant security concern.

The current restoration system expects and anticipates that only the root user will request a restore, meaning that it trusts the information within the backup to be what the root user wants to restore. If this were extended to resellers, then a reseller would be able to restore an account with any custom features they wanted (unlimited bandwidth, unlimited disk space, etc)

It is the current design and expectation that only the root user restore accounts and that they've verified the account is of acceptable limits/configuration post-restore.

In essence, this feature request is presently not realistic without also redesigning the entire restore system from the ground up. Even then, significant research would still need to be conducted on whether or not this would still be realistic from a security standpoint. There would be many configuration portions of the restore process that you could not and simply would not want to entrust a non-root user to be able to set upon restore for security reasons.

photo
4

Hi Brian,

In the new WHM Backup system, under Backup Restoration, the user (root) selects a backup from a previous date for the account, queues the restoration(s) and then processes the queue.

I don't see how the reseller would have access to tamper with the backup.

But I do see how, it would be very helpful for him to be able to roll an account back to the state of a previous backup...

photo
1

I fully agree that resellers (or even end users) should be able to restore their daily backups (as long as said backups are stored locally and not on a remote location such as Amazon S3). right now I have a few users that want backups on a relatively regular basis, and it is a lot of trouble for me to have to go in and restore them.

I already had to add a new hard drive to my server so that i could retain backups locally, but right now users are still only able to download them, not restore them from cPanel.

This feature is absolutely a requirement for servers that have some users that want backups restored!

photo
1

Please, add on the reseller privilegies a option to enable the restoration options.

photo
1

Yesterday we have had a customer that they need restore a domain from the backup due a mistake on their side. He has opened us a ticket in a non-office time, and they need it +3 hours to get their site back. Why they can not run this task by him self? No sense limit this option for just root.

photo
1

I want to see this feature added as well. Even if a reseller can't restore a FULL account backup, at least give him (and / or the end user) the ability to restore files, databases and emails from the backups on the server (or remote backups)